Sharepoint 2013 ADFS Integration duplicates User Profiles for each Authentication Type

Similar Messages

• Create unique user profiles for each separate session

  Hi,
  How can I configure TS environment so that each user (who logs onto Windows using the same generic Windows user ID) gets their own unique Windows user profile.
  For example, imagine a scenario where the users are logging onto Windows using the shared user "SYSTEMAPP"
  The intention is to configure the TS server's Windows, so that it creates unique user profiles for each separate session, for example:
  - SYSTEMAPP
  - SYSTEMAPP.000
  - SYSTEMAPP.001
  - SYSTEMAPP.002 (etc...)
  The server version for TS is Windows Server 2012 and not joined to AD. User IDs are created at Local Users and Groups.
  Kindly advise.

  Hi Susie,
  Just to illustrate my point further. Let's say a user logged into the server using user ID SYSTEMAPP for the first session. So, if
  you browse the folders in the server, you'll be able to see this:
  C:\Users\SYSTEMAPP
  Then, another user logged into the same server as SYSTEMAPP user using other session. In this case, my intention is to configure the
  server to create another unique user profile as below:
  C:\Users\SYSTEMAPP.000
  Subsequently, if more users logged in using the same account, the unique counter number will keep on adding...
  C:\Users\SYSTEMAPP.001
  C:\Users\SYSTEMAPP.002
  C:\Users\SYSTEMAPP.003
  Previously, I checked from my third party software vendor that this can be done but I still cracking my head on this which is why led me
  to this forum.
  Kindly advise.

• Sharepoint 2013 - Active Directory Import User Profile Property manager fields

  Hi there,
  I juste encountered actually a little issue regarding the Active Directory Import User Profil.
  Importation seems to work well but I have a little problem regarding the Manager field.
  When I verify a user profil through the sharepoint admin page ("Manage user profil") , I can see the manager field is correctly populated, but if I want to check my profil as a user (personal information), the manager field is not visible.
  With Sharepoint Admin and Manage Profil Properties, I haven't the possibility to modify some settings for the manager.
  For example, Policy parameters is greyed.
  The only way I found to show this field in a user profil is to give the permission "allow users to Edit values ...".... setting I don't want to set.
  Have you already this sort of issue ?
  Thanks for your help/idea.

  Hi Michael,
  I don't remember well what I did exactly regarding this issue because I played a lot with user profil.
  I know I used this powershell script from Sheyia which in fact help me a lot to clean and create a good profil setting.
  http://blogs.technet.com/b/sheyia/archive/2013/10/09/sharepoint-2013-another-way-to-change-order-for-user-profile-properties-via-powershell.aspx
  For example, this script help me to resolve some double entries.
  Let-me know if it help you (or not of course)

• How to fix Workflow failed to get user profile for user:

  hi All,
  How to fix Workflow failed to get user profile for user when using Lookup function in sharepoint designer?

  Try to use “As string” instead of “Login Name” for the “Return field as”.
  Regards,
  Jayant
  jayant prabhakar

• Worflow failed to get user profile for user

  I have a workflow that sends an email to a user.  In the workflow email, one line has the lookup [%User Profiles:Name%], with Return field "As String" of the list item Field "Account Name" with Value "Current Item:Created By".
  This workflow works for everyone, except it Errors when one user creats an item in this list.  The error is "Workflow failed to get user profile for user...  System Account - An error has occurred in Workflow Name"
  and more detailed error found in logs: "AutoStart Workflow: Microsoft.SharePoint.SPException: Recursive workflows are not permitted.     at Microsoft.SharePoint.Workflow.SPWorkflowAutostartEventReceiver.<>c__DisplayClass1.<AutoStartWorkflow>b__0(SPSite
  superUserSite, SPWeb superUserWeb)
  System.InvalidOperationException: Workflow failed to get user profile for user:domainName\username.     at Microsoft.Office.Workflow.Actions.UserProfileHelper.GetProfile(String propertyName, String user)     at Microsoft.Office.Workflow.Actions.ProfileHelperBase.GetProfileString(String
  propertyName, String userOrOrganization)     at Microsoft.Office.Workflow.Actions.GetUserProfileActivity.Execute(ActivityExecutionContext context)     at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(T activity,
  ActivityExecutionContext executionContext)     at System.Workflow.ComponentModel.ActivityExecutor`1.Execute(Activity activity, ActivityExecutionContext executionContext)     at System.Workflow.ComponentModel.ActivityExecutorOperation.Run(IWorkflowCoreRuntime
  workflowCoreRuntime)     at System.Workflow.Runtime.Scheduler.Run()  "
  When I run "get-addomain -identity [FQDN]", I noticed that our DNSRoot has a totally different name than our NetBIOSName, so I followed this article and made sure to set netbiosdomainnamesenabled to TRUE:
  http://meandmysharepoint.blogspot.ca/2012/09/netbiosdomainnamesenabled-and.html
  To give you an idea of our setup, our DNSRoot is "abc.domain.com" and our NetBIOSName is "TESTING"; 2 totally different names.  When I run "get-addomain -identity [FQDN]", the Name field is: "abc" (just the first
  part of the DNSRoot); therefore, when I look up this user's profile in Sharepoint Manage User Profiles, his account shows as "abc\username" when it should be "TESTING\username".
  I did an IISReset, and I ran a Full Profile Sync. But the workflow still Errors for this user.
  Any ideas how to fix this?  Should I delete MySites and User Profile Service application and recreate them?
  Any tips would be appreciated.
  thanks!

  Hi,
  According to your description, my understanding is that the error occurred when sending an email to the user in workflow.
  Did you delete the existing Connections before setting NetBiosDomainNamesEnabled?
  If not, I recommend to delete and recreate your AD connections, then set NetBiosDomainNamesEnabled to true.
  Or you can delete the original User Profile Service Application and create a new one, then set the NetBiosDomainNamesEnabled to true and start the User Profile Service Application
   synchronization.
  More reference:
  http://social.technet.microsoft.com/wiki/contents/articles/18060.sharepoint-20xx-what-if-the-domain-netbios-name-is-different-than-the-fqdn-of-the-domain-with-user-profile.aspx
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• Cannot select ldap user profile for SGD Global Admin

  Hi all,
  I'm trying to select some ldap users to be in the SGD Global Administrators role, but I am unable to check the check box next to the user profile once I navigate to the account. There is no check box to check.
  I am actively using LDAP for regular user auth and application assignment, so I know my LDAP "works" in that sense, I just can't use it to assign global admins.
  Any thoughts?
  Adam

  The only way to do this is to create a user profile for the (would-be) admin account. And since they're an LDAP user, you'll have to use LDAP mirroring to do this. For example, let's say the user you want is "cn=Joe Admin, ou=Users, dc=example, dc=com"
  Go to "User Profiles", and browse to/open:
  dc=com
  cd=example
  create the directory object "ou=Users"
  Inside of "ou=Users", create the user profile object "cn=Joe Admin"
  Add this user object to the Global Administrators role.
  http://docs.sun.com/source/820-4907/chapter3.html#d0e13589

• I have setup a new user profile for myself on my wife's mac. If i authorise it for my content will it remove my wife's authorisation.

  I have set up a separate user profile for myself on my wife's MacBook Air.
  If i authorise this Mac for my content for home sharing, will this remove my wife's authorisation.

  Shared iMac, different users, different iTunes accounts - 90 day hold???

• Design and Web Premium creates huge profile for each network user.

  Just wondering how I can get around the Adobe Design and Web Premium creating a huge profile for each network user. When a new user logs in on the network a 6 GB Adobe Design and Web Premium folder is created in their profile. With dozens of students logging into each machine that equals dozens of 6GB folders.
  Windows 7 environment.

  Moved to Creative Suite Enterprise Deployment.

• How to configure user preferences for each platform

  Currently i dual boot Kubuntu and windows 7 and use a single profile that is shared by both the OS's. The problem is that some changes such as auto-scrolling, double click to copy url text are disabled/configured differently in linux to what i like. I can manually enable auto scrolling in linux, but when i switch to windows and then switch back it is disabled again.
  Is it possible to make a user.js file that sets preferences based on the operating system, eg: user-windows.js, user-linux.js or something like that? I know I can use different profiles for each OS, but it requires keeping all the addons/bookmarks in sync everytime i switch, which i do atleast a couple of times a day.

  hello, with the mozilla.cfg file in the firefox program folder you can set preferences independent of the profile: http://kb.mozillazine.org/Locking_preferences
  edit: these functions can be used in the mozilla.cfg file:
  defaultPref(); // set default value of a preference
  pref(); // set pref, allow changes during session
  lockPref(); // lock pref, disallow changes

• How to add a default user group for multiple document type's?

  Hi,
  I am trying to add same default user group for different document types when MA is created. Is there any way to setup using a single "Document Security Template"? Or I need to create different templates for different document types?
  Please confirm.
  Thanks,
  Saloni

  Hi Saloni,
  Based on what your specific requirement, it might be easier to do it with scripting.
  If you are doing it using Document Security Templates, you would have to create a Document Security Template for each of the 6 MA types and assign the default group. Create another one and leave the Document Type field blank, so it will apply to the other 4 MA types that don't have a default group.
  Regards,
  Vikram

• Production scheduling profile for production order type 10 does not exist – SAP Message No.10085

  When i tried to make confirmation for Production Order through CO15 transaction , i receive the following error message “ Production scheduling profile for production order type 10 does not exist – SAP Message No.10085 “
  In Work Scheduling view, Production Scheduling Profile is maintained as per OPKP only.
  How to check whether production scheduling profile is maintained for relevant order type 10.
  To do this , i went to OPKP & KOT2_OPA transactions but i don’t know how to check. I guide me through with a screen shot.
  Also, pls explain about  “Order Type 10” and how it is linked with material and order execution.
  Looking for a detailed explanation with screen shots , since i am new to SAP.
  Thanks With Regards,
  Dinesh Kumar V.

  Hello Dinesh,
  Please check the order type dependent parameter in OPL8 here you will get the Substitute Scheduler
  Then go to OPCH and check valid production scheduling profile assign here as per OPKP to your production scheduler for your plant.
  Production order have Order category as 10  Process Order  40 in standard SAP you can check this in OPJH.
  Best Regards,
  R.Brahmankar

• Multiple AVC Profile for each SSID

  Hello,
  I know there is limitation on the number of ACLs in each AVC profile, but is there a way to build multiple profiles and link it to the same SSID?
  thanks,

  Hi Sandeep,
  thanks for your reply, I think Cisco should consider allowing provisioning multiple profile for each SSID as the number of applications that needs block are exceeding each profile..
  I do have Guest SSID and I want to block everything using AVC, due to it's limitation, this cannot be achieved.
  Thanks,

• Where can I find the user key precedence hierarchy for each record type?

  Example: I want to update contact records through the CRMOD web service API.
  So I'm looking at the "Oracle Web Services On Demand Guide, Version 6.0 (released August 2010)", page 316, and it lists 3 user keys for Contact.wsdl v2.0 in the following order:
  1. FirstName and LastName
  2. Id
  3. ExternalSystemId
  From what I can see, this order does not seem to reflect the precedence hierarchy of these 3 user keys.
  I've send in a test update where I supplied a FN, LN, and EUID, ... and the contact that matched the EUID got updated.
  (I'm glad it did, because EUID really needs to take precedence over FN+LN, otherwise you could never change a contact's last name without knowing the contact's Row Id.)
  Does anyone know where I can find the precedence hierarchy for each record type's user keys (other than doing the obvious and time consuming "try+error")?

  Hi,
  we experienced similar problems with the account object and asked the oracle support about this. This was their answer:
  "[...] thank you for contacting CRM On Demand Customer Care. Regarding your question, please note the below: when perfoming a query, the user key fields are looked for in this order: - Row id - External System Id - AccountName and Location. Basically, the search will be performed by AccountName and Location only when the other fields are missing. This is an expected behavior because, the Row Id is the strongest filter as it is always unique. The external system Id comes second, as it is supposed to be unique in another system."
  So, I guess the order is always
  1) Row Id
  2) External System Id
  3) specific field combinations...
  kind regards
  Kai
  Edited by: Kai Hartmann on 28.04.2011 07:10

• Create unique user accounts for each Oracle process

  hi,
  Please tell me the command to create unique user accounts for each Oracle process
  Thanks

  create unique user accounts for each Oracle processWhat do you mean by unique user account for each oracle process ? Provide more information.
  do you mean create oracle user?
  create user <username> identified by <password> default tablespace <tablespace_name>;
  -Anantha

• Production scheduling profile for production order type 10 does not exist

  Kindly suggest me how to resolve this error
  Production scheduling profile for production order type 10 does not exist

  Hi Archana,
  Go to material master-work scheduling view and check what is the production scheduling profile maintained for the same materisl -plant combination.
  then go to OPKP and check if production scheduliong profile is maintained for relevent order type 10 in custmizing. If not maintain one and it should resolve the error.